]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0bf18fd) | patch
Don't blindly use PKCS11 slot IDs in PKINIT
authorGreg Hudson <ghudson@mit.edu>
Thu, 22 May 2014 23:18:34 +0000 (19:18 -0400)
committerGreg Hudson <ghudson@mit.edu>
Sat, 24 May 2014 15:18:30 +0000 (11:18 -0400)
commitac406bac3d73a7e4efcc74adbb90c722457da969
treef63f7f11c0fb736a23e81cc748e7ad4aec485063tree | snapshot
parent0bf18fd4363f9f1244688daac224bd456bf52e7fcommit | diff
Don't blindly use PKCS11 slot IDs in PKINIT

Passing invalid slot IDs to C_OpenSession can cause some PKCS #11
implementations (such as the Solaris one) to crash.  If a PKINIT
identity specifies a slotid, use it to filter the result of
C_GetSlotList, but don't try it if it does not appear in the list.

ticket: 7916
target_version: 1.12.2
tags: pullup
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git